'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

web_app:anyshare_rce(Rule ID:1070210503)

Release Date2025/9/15

Rule NameAnyShare Management Platform API start_service Remote Command Execution Vulnerability

Severity:critical

CVE ID

 

Descripiton

AnyShare Family 7 is a brand-new enterprise content management platform. It utilizes AI and cloud computing technologies as its system architecture and core technical capabilities, and is an intelligent content cloud specially designed for every organization. There is a command execution vulnerability in the /api/ServiceAgent/start_service of the Anyshare intelligent content management platform. Unauthenticated attackers can execute arbitrary commands through this vulnerability. This rule supports to defend the A6: Vulnerabe and Outdated Components of OWASP Top 10 - 2021.
Other reference:None

 

Solution

Update vendor patches.